From mboxrd@z Thu Jan 1 00:00:00 1970 Delivered-To: chneukirchen@gmail.com Received: by 10.142.191.1 with SMTP id o1cs335367wff; Fri, 18 Dec 2009 07:03:42 -0800 (PST) Received: from mr.google.com ([10.150.24.20]) by 10.150.24.20 with SMTP id 20mr2505961ybx.23.1261148621943 (num_hops = 1); Fri, 18 Dec 2009 07:03:41 -0800 (PST) Received: by 10.150.24.20 with SMTP id 20mr332728ybx.23.1261148620565; Fri, 18 Dec 2009 07:03:40 -0800 (PST) X-BeenThere: rack-devel@googlegroups.com Received: by 10.150.77.36 with SMTP id z36ls8758yba.3.p; Fri, 18 Dec 2009 07:03:38 -0800 (PST) Received: by 10.150.90.1 with SMTP id n1mr1210017ybb.5.1261148618643; Fri, 18 Dec 2009 07:03:38 -0800 (PST) Received: by 10.91.163.12 with SMTP id q12mr1353632ago.4.1261147956059; Fri, 18 Dec 2009 06:52:36 -0800 (PST) Received: by 10.91.163.12 with SMTP id q12mr1353629ago.4.1261147956017; Fri, 18 Dec 2009 06:52:36 -0800 (PST) Return-Path: Received: from mail-gx0-f190.google.com (mail-gx0-f190.google.com [209.85.217.190]) by gmr-mx.google.com with ESMTP id 12si383911gxk.6.2009.12.18.06.52.35; Fri, 18 Dec 2009 06:52:35 -0800 (PST) Received-SPF: softfail (google.com: domain of transitioning iha@inetcore.com does not designate 209.85.217.190 as permitted sender) client-ip=209.85.217.190; Received: by mail-gx0-f190.google.com with SMTP id 6so6831927gxk.13 for ; Fri, 18 Dec 2009 06:52:35 -0800 (PST) MIME-Version: 1.0 Received: by 10.101.133.26 with SMTP id k26mr123316ann.8.1261147955124; Fri, 18 Dec 2009 06:52:35 -0800 (PST) Date: Fri, 18 Dec 2009 06:52:35 -0800 (PST) In-Reply-To: <200910191407.03030.ibc@aliax.net> X-IP: 121.2.69.161 References: <200910162033.57584.ibc@aliax.net> <391a49da0910190433u24652f90g4bfbca5d9807be8a@mail.gmail.com> <200910191354.00488.ibc@aliax.net> <200910191407.03030.ibc@aliax.net> User-Agent: G2/1.0 X-HTTP-UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; ja; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6,gzip(gfe),gzip(gfe) Message-ID: <8601f15a-3436-42e3-a0f3-f9338963201d@b36g2000prf.googlegroups.com> Subject: Re: How to use Rack::Auth::Digest::MD5 From: Genta IHA To: =?ISO-8859-1?Q?I=F1aki_Baz_Castillo?= Cc: rack-devel@googlegroups.com Reply-To: rack-devel@googlegroups.com Precedence: list Mailing-list: list rack-devel@googlegroups.com; contact rack-devel+owners@googlegroups.com List-ID: List-Post: , List-Help: , List-Archive: X-Thread-Url: http://groups.google.com/group/rack-devel/t/d6cf30e9ccdc6dde X-Message-Url: http://groups.google.com/group/rack-devel/msg/8f30df2ade9a932 Sender: rack-devel@googlegroups.com List-Unsubscribe: , List-Subscribe: , Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hello, > Hi, could I get an example of Rack::Auth::Digest::MD5 usage? By reading t= he > doc I get confussed: : (snip) > Thanks, but what about if I just want to ask for authentication depending > =A0on the URL? Please try this example: ---- class DigestAuthApp USERS =3D { 'office' =3D> { 'alice' =3D> 'opensesame', }, 'home' =3D> { 'bob' =3D> 'hello', }, } def call(env) req =3D Rack::Request.new(env) return view_global(env) if %r!^/service1/global/! =3D~ req.fullpath _, user, realm, path =3D *%r!^/service1/users/(\w+)@([^/]+)/ (.*)!.match(req.fullpath) # authentication needed for users area env =3D callcc do |cont| auth =3D Rack::Auth::Digest::MD5.new(cont, realm) {|u| USERS[realm] [user] } auth.opaque =3D $$.to_s # or your favorite opaque return auth.call(env) # =3D> returns 401 if not authenticated end # authenticated req =3D Rack::Request.new(env) auth_user =3D req.env['REMOTE_USER'] body =3D '' [['user', auth_user], ['realm', realm], ['path', path]].each do | k, v| body +=3D k + ': ' + v + "\n" end [200, {"Content-Type" =3D> "text/plain"}, body] end def view_global(env) [200, {"Content-Type" =3D> "text/plain"}, 'Welcome to global area. Enjoy!'] end end ---- for /service1/users/.*@office/something: alice is permitted. bob is not. for /service1/users/.*@home/something: bob is permitted. alice is not. for /service1/global/something: Everyone is permitted. -- Genta IHA iha@inetcore.com